Electric Vehicle Charging - Where's The Cyber
Susan Howard
S4x24 - ICS Security Conference · Day 3 · Main Stage
In this insightful S4 conference talk, Susan Howard, a prominent voice in critical infrastructure cybersecurity, dissects the significant and often overlooked cybersecurity vulnerabilities within the burgeoning Electric Vehicle (EV) charging ecosystem. As governments worldwide, particularly in the United States, commit billions to rapid EV infrastructure deployment, Howard highlights a critical disconnect: the urgent need for robust cybersecurity standards and practices is being outpaced by the rush to market and a fragmented regulatory landscape. Her presentation serves as a stark warning, revealing that despite massive investments, the foundational security of EV charging stations and their underlying communication protocols remains alarmingly weak, posing risks not just to financial transactions but to the stability of the electric grid and public safety.
AI review
Dr. Howard's S4 talk is a critical, no-nonsense exposé on the alarming cybersecurity state of the rapidly expanding EV charging infrastructure. She meticulously uncovers the intentional insecurity of OCPP 1.6, the glaring absence of a unified reference architecture, and the widespread deployment of systems with basic flaws like hardcoded credentials and direct internet exposure, as evidenced by a staggering 24,400 exposed systems. Most disturbingly, she highlights a demonstrated cyber-physical vulnerability in extreme fast chargers that can lead to fires, underscoring the severe risks beyond…